|
|
Posted by Gordon Burditt on 02/06/06 21:20
>I've got a voting script that's a little too simple. I can vote as as
>many times as I can click on the link in my browser.
Isn't that about the same as electronic voting in the United States?
>I'n not trying to write an official voting system but I would like to
>do something as simple as catching the user's IP address and
>remembering it for a time interval. That has it's own problems, but
>it would at least prevent double clicks.
Beware of false positives (different people in the same office
voting through a NAT gateway or web proxy that makes them all appear
to have the same IP) and false negatives (dialup user who gets a
different IP every time he dials up).
>I can get the IP #, but how do I store it on a server? I can do a flat file
>or something.
Flat files have their problems, like locking when you've got several
voters updating the flat file simultaneously. But you can use them.
Look at functions like fopen().
Think about using a database (e.g. MySQL) backend. It's easy to
write a query like:
select count(*) from votesdone where ip = '$ip' and
stamp > subdate(now(), interval 24 hour)
If it returns a number greater than 0, that IP has voted recently.
If it returns 0, it hasn't.
Databases are good at locking, so you can lock the table, check if
they already voted, if not record their vote, and unlock. Or use
transactions.
Gordon L. Burditt
Navigation:
[Reply to this message]
|